Rather Than Not Spying On Everyone, NSA Is Getting Rid Of 90% Of Its Sysadmins

from the you're-doing-it-wrong dept

The latest NSA plan to stop the next Ed Snowden is to get rid of 90% of their sysadmins and automating many of their jobs. I would imagine that more than a few sysadmins might have an opinion or two about the ability of the NSA to really automate away their jobs, but that's an interesting move nonetheless. Here's NSA boss Keith Alexander:

"What we're in the process of doing - not fast enough - is reducing our system administrators by about 90 percent."

Considering that sophisticated techies aren't very interested in working for the NSA these days, perhaps it all works out for them. But, really, another option for avoiding an Ed Snowden like situation might be -- and I'm just tossing this out for suggestion -- is to not spy on everyone and then not lie to Congress and the American public about it. Just a little tiny suggestion.

Also, this more or less confirms what was fairly obvious (due to the NSA leaks by Snowden) that sysadmins have near universal access in the NSA's system, and the recent claims that "only 35 analysts" had access to key information was -- as James Clapper liked to say -- one of those "least untruthful" claims coming out of the intelligence community.

Re: Re: 'In short, we pay ourselves to hose ourselves'.

Not just them

All large enterprises are moving this way, using new automated technologies combined with virtualization to eliminate admin and engineering positions. Its the next step in the technological revolution. The jobs they are able to replace with automation at this point are a step or two higher then the last 20 years. Cant wait to see what happens next.

Now that we have tools that allow four people to manage 10k machines where will all the unneeded sysadmins work? I guess we will still need people working minimum wage to swap broken parts at the datacenter.

Of course the NSA is automating, all large orgs and many small ones are doing the same thing. The sysadmins who do not learn these new automation technologies are the ones who will be looking for jobs.

In response to John Fenderson these automation tools work just as good on physical servers as they do virtual servers in the "cloud"

Re: Scapegoats

It was my thought that there's a 90% chance that more info will be leaked. Nothing like having a soon to be terminated sysop looking for revenge. My guess is every one of them are loading up thumb drives as we speak.

So at the same time as they are building up the world's biggest database of private information, they are also pissing off hackers around the world, and getting rid of 90% of the people who maintain their computer security. What could possibly go wrong with that.

The end is on the horizon...

Automation is fine and all but who's going to fix the automation when it screws up? I think we are witnessing beginnings of the actual end to the NSA's programs. It will eventually eat itself and no one will be around that can fix it when it does.

More propaganda that NSA is supposedly changing,

hurt, and disgraced. But IF anyone read the original -- instead of the intended take as Mike parrots it -- then it's plausibly planned long before. -- Oh, and surveillance is NOT being reduced, just turned over to more computers. Happy day, indeed.

So, the NSA is announcing it's going to blame 90% of the people with the same job as Edward Snowden for what Snowden did by firing them for Snowden's actions.

Well, what could POSSIBLY go wrong there? Surely none of those 90% will get pissed off enough to say, leak more documents. And surely none of the 10% will decide to do so either when they see the NSA decide punishing 90% of the people with the same job wasn't good enough.

Re:

This has nothing to do with stopping additional leaks.

The actions by the NSA and the executive branch right now are about making enough noise to distract the people from removing Obama from office and forcing a change to the laws that are allowing them to continue these programs.

i would have thought an even better option would have been to get rid of 100% of the sysadmins, after getting rid of everyone else in the NSA starting from the top and working down. after all, if we started at the bottom and worked up, we might be lied to and told that the top brass have gone when they are really still there, hidden behind a false FISC report or a 'secret interpretation of a spying law'!

Re: Re: Moving to the cloud

"Moving to an automated cloud provisioning system, he explained, would cut the number of hands that touch the NSA's internal systems and address vulnerabilities—such as a sysadmin loading data onto a thumb drive and walking out with it."

So now instead of NSA sysadmins having the ability to walk away with vital data, you've now outsourced that responsibility to a cloud provider!

MUCH, MUCH safer.

I think I've answered my original question about anyone there having a clue. It's clearly "no."

Re: Re: Moving to the cloud

Given that...I am beginning to wonder what sort of damage the Smith-Amash Amendment would have done considering part of it was shaving the NSA's budget.

The company my mother works for (the one that audits hospital Medicare and Medicaid insurance forms and bills) recently cut all the nursing staff under her that manually do the systematic reviews of the audits...this was done in favor of saving money and automation. In her line of work, the states that contract the company and this contract require human eyes to do the review work sent over to the auditor's database by law for a specific reason...in an automated systems environment for auditing, there is no way to tell if someone accessed the information to alter what to look for. The main issue is that humans are not as calculated and are better suited towards handing statistical anomalies.. We don't crash.

The NSA isn't all that bright. By automating those jobs they leave themselves wide open to renegade hackers and other potential problems. At the end of the day, you need actual people monitoring those systems not to mention the rabid fervor that this is going to cause with American voters.

Oh god no. Anyone with even the slightest hint of intelligence in a managerial position knows that you NEVER piss off the guys maintaining your computer systems. NEVER!!! How long until one of the guys being laid off "accidentally" fucks up the entire system?

What could go wrong?

( Warning : Sarcasm Alert! )

Anyone think about those wonderful DMCA takedown systems used by ( MPAA / RIAA ) to name a few?

Do they ever get anything wrong?
Never a false accusation, right?
Always target the right person, correct?
Never once have ID'd content wrong, have they?
So perfect that Error Correction was never implemented or needed.

Re: Re: What could go wrong?

What those sysops could do, aside from leaking more data, is to wipe out the whole database before they leave and put in some code to make the system unable to be restored. In other words, cause a complete system failure. And craft the code so it can spread to all the backups and wipe them out too.

Re:

It's really hard to imagine sysops that would be willing to do such a thing aside from the single wacko here and there. It goes against the grain of what it means to be a sysop -- a bit like expecting a doctor to intentionally kill a patient because the patient is a bad guy.

Crackers start your Engines

That is the exact opposite of security. Wouldn't leaving less sys-admins mean that is easier to exploit your way in with far less eyes watching things? That's not even getting into the whole anonymous tips from disgruntled ex-sysadmins of "The IP address is vvv.xxx.yyy.zzz and the access is based on foo version a.b port number is cccc, good luck". Suddenly a world record breaking in traffic and size torrent is out there to everyone.

Re: Crackers start your Engines

The ability of automation...

"The latest NSA plan to stop the next Ed Snowden is to get rid of 90% of their sysadmins and automating many of their jobs. I would imagine that more than a few sysadmins might have an opinion or two about the ability of the NSA to really automate away their jobs, but that's an interesting move nonetheless."

The most disturbing part of this is not whether they are capable of it...but the simple fact they are doing it. To quote Denis Nedry...

"You think that this type of automation is easy to come by? Or Cheap? Because if you can find a cheaper guy than me John, I would like to see you try..I really would"

Jurassic Park automation is easily muddied up and clogged.

I'm also reminded of the methods used by the IRS to target Conservative groups filing for non-profit status....using key word searches...imagine that type of targeting on all US citizens...then automate it!

When this system is finally in place I'm half tempted to repeatedly copy and paste the word "bomb" to see what happens to it as a comment to one of these threads.

I work on a team of 20 sysadmins at a govt agency, and we were discussing this and just started laughing. So if they cut 90% of our staff they would be left with 2 sysadmins. We wondered how anything would get done at all, I mean from the daily putting out "fires", to the patching and remediation of systems to all the other bs that comes up regularly, not to mention projects, upgrades, testing etc etc. We figured whoever the 2 left were would quit within a week.

Another Possible Interpretation

They gave a lot of people sysadmin privileges, so they've decided to look at who really should be a sysadmin. In this version, the whole automation thing is a red herring to avoid admitting their system security is lax.